# SPDX-License-Identifier: MPL-2.0

# This Kea docker image provides the following functionality:
# - running Kea DHCPv4 service
# - running Kea control agent (exposes REST API over http)
# - open source hooks
# - possible to build with premium hooks

FROM alpine:3.22
LABEL org.opencontainers.image.authors="Kea Developers <kea-dev@lists.isc.org>"

# Add Kea packages from cloudsmith. Make sure the version matches that of the Alpine version.
# Also, install all the open source hooks. When updating, new instructions can
# be found at: https://cloudsmith.io/~isc/repos/kea-2-5/setup/#formats-alpine
ARG VERSION=3.1
ARG TOKEN
ARG PREMIUM

SHELL ["/bin/ash", "-o", "pipefail", "-c"]
RUN cp /etc/apk/repositories /etc/apk/repositories_backup && \
    # Install curl and bash for cloudsmith's script. Tzdata to allow timezone change.
    apk update && apk add --no-cache curl bash tzdata && \
    # Setup Cloudsmith repo
    if test "$(expr "$(echo "${VERSION}" | cut -d '.' -f 2)" % 2)" = 0; then \
        repo="kea-$(echo "${VERSION}" | cut -d '.' -f 1)-$(echo "${VERSION}" | cut -d '.' -f 2)"; \
    else \
        repo='kea-dev'; \
    fi && \
    curl -1sLf "https://dl.cloudsmith.io/public/isc/${repo}/setup.alpine.sh" | bash && \
    apk update && \
    # Install open-source Kea packages.
    apk add --no-cache \
        isc-kea-dhcp4~=${VERSION} \
        isc-kea-mysql~=${VERSION} \
        isc-kea-pgsql~=${VERSION} \
        isc-kea-hooks~=${VERSION} && \
    # If token is provided add premium Cloudsmith repository
    if [ -n "$TOKEN" ]; then \
        curl -1sLf "https://dl.cloudsmith.io/${TOKEN}/isc/${repo}-prv/setup.alpine.sh" | bash && \
        apk update && \
        # Install subscriber Kea hooks (provided TOKEN should have access to those pkgs)
        if [ "$PREMIUM" = "SUBSCRIBER" ]; then \
            apk add --no-cache \
                isc-kea-subscriber-cb-cmds~=${VERSION} \
                isc-kea-subscriber-rbac~=${VERSION}; \
        fi \
    fi && \
    # Revert Cloudsmith repositories
    mv /etc/apk/repositories_backup /etc/apk/repositories && \
    # remove curl and bash
    apk del curl bash


VOLUME ["/etc/kea", "/var/lib/kea/"]

COPY kea-dhcp4.conf /etc/kea/kea-dhcp4.conf
COPY hiddens /etc/kea/hiddens

# 8000 command control channel
# 8001 HA MT
# 67 blq
EXPOSE 8000-8001/tcp 67/tcp 67/udp

CMD ["/usr/sbin/kea-dhcp4", "-c", "/etc/kea/kea-dhcp4.conf"]
